1 | /* | |
2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* Internal EC functions for other submodules: not for application use */ | |
11 | ||
12 | #ifndef OSSL_CRYPTO_ECX_H | |
13 | # define OSSL_CRYPTO_ECX_H | |
14 | # pragma once | |
15 | ||
16 | # include <openssl/opensslconf.h> | |
17 | ||
18 | # ifndef OPENSSL_NO_EC | |
19 | ||
20 | # include <openssl/core.h> | |
21 | # include <openssl/e_os2.h> | |
22 | # include <openssl/crypto.h> | |
23 | # include "internal/refcount.h" | |
24 | # include "crypto/types.h" | |
25 | ||
/*
 * Key lengths in bytes: RFC 7748 for X25519/X448 (32 and 56), RFC 8032 for
 * Ed25519/Ed448 (32 and 57).  The same value applies to both the public and
 * the private key of a given type.
 */
# define X25519_KEYLEN 32
# define X448_KEYLEN 56
# define ED25519_KEYLEN 32
# define ED448_KEYLEN 57

/* Largest of the four; sizes the inline pubkey[] buffer in struct ecx_key_st. */
# define MAX_KEYLEN ED448_KEYLEN

/*
 * Nominal key size and security strength in bits per key type.  Presumably
 * these are what EVP_PKEY_bits()/EVP_PKEY_security_bits() report for the
 * corresponding EVP_PKEY — confirm against the keymgmt implementation.
 */
# define X25519_BITS 253
# define X25519_SECURITY_BITS 128

# define X448_BITS 448
# define X448_SECURITY_BITS 224

# define ED25519_BITS 256
/* RFC8032 Section 8.5 */
# define ED25519_SECURITY_BITS 128
/* Ed25519 signature length in bytes (R || S) */
# define ED25519_SIGSIZE 64

# define ED448_BITS 456
/* RFC8032 Section 8.5 */
# define ED448_SECURITY_BITS 224
/* Ed448 signature length in bytes (R || S) */
# define ED448_SIGSIZE 114
48 | ||
49 | ||
/*
 * Which of the four RFC 7748 / RFC 8032 curves an ECX_KEY holds.  The values
 * are spelled out explicitly so that it is obvious they are stable; both
 * KEYTYPE2NID() and ossl_ecx_key_length() take them.
 */
typedef enum {
    ECX_KEY_TYPE_X25519  = 0,
    ECX_KEY_TYPE_X448    = 1,
    ECX_KEY_TYPE_ED25519 = 2,
    ECX_KEY_TYPE_ED448   = 3
} ECX_KEY_TYPE;
56 | ||
/*
 * Map an ECX_KEY_TYPE to the matching EVP_PKEY_* type id.
 *
 * Only the first three enumerators are tested: any other value, including an
 * out-of-range one, silently maps to EVP_PKEY_ED448, so callers that take the
 * type from untrusted input must validate it before using this macro.
 * `type` is evaluated up to three times — do not pass an expression with side
 * effects.  The EVP_PKEY_* ids do not appear to be declared by the headers
 * included above; users of this macro presumably include <openssl/evp.h>.
 */
#define KEYTYPE2NID(type) \
    ((type) == ECX_KEY_TYPE_X25519 \
     ? EVP_PKEY_X25519 \
     : ((type) == ECX_KEY_TYPE_X448 \
        ? EVP_PKEY_X448 \
        : ((type) == ECX_KEY_TYPE_ED25519 \
           ? EVP_PKEY_ED25519 \
           : EVP_PKEY_ED448)))
65 | ||
/*
 * In-memory representation of an X25519/X448/Ed25519/Ed448 key; this is the
 * struct behind the ECX_KEY typedef used by the prototypes below.  The object
 * is reference counted (references/lock) and released with
 * ossl_ecx_key_free().
 */
struct ecx_key_st {
    OSSL_LIB_CTX *libctx;       /* library context the key belongs to */
    char *propq;                /* property query string; presumably the key's own
                                 * copy, since ossl_ecx_key_new() takes a const one */
    unsigned int haspubkey:1;   /* presumably: pubkey[] holds a valid public key */
    unsigned char pubkey[MAX_KEYLEN]; /* public key; only the first keylen bytes are
                                       * meaningful */
    unsigned char *privkey;     /* private key, separately allocated (see
                                 * ossl_ecx_key_allocate_privkey()); secret material —
                                 * NOTE(review): expected to be cleansed on free, confirm
                                 * in ossl_ecx_key_free() */
    size_t keylen;              /* key length in bytes for `type` (*_KEYLEN above) */
    ECX_KEY_TYPE type;          /* which curve/algorithm this key is for */
    CRYPTO_REF_COUNT references; /* reference count; see ossl_ecx_key_up_ref() */
    CRYPTO_RWLOCK *lock;        /* presumably guards `references` */
};
77 | ||
/* Key-object management. */

/* Key length in bytes for `type`; expected to match the *_KEYLEN values above. */
size_t ossl_ecx_key_length(ECX_KEY_TYPE type);
/*
 * Create a key of the given type holding one reference.  `propq` is taken as
 * const, so the key presumably stores its own copy and the caller keeps
 * ownership of the string.  Returns NULL on failure.
 */
ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type,
                          int haspubkey, const char *propq);
/* Replace the key's library context; "set0": the pointer is stored as-is. */
void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx);
/*
 * Allocate the private-key buffer for `key` and return it (presumably also
 * stored in key->privkey).  The buffer holds secret material; its size is
 * expected to be key->keylen bytes.  Returns NULL on failure.
 */
unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key);
/* Drop one reference; the key (and its private key) is released at zero. */
void ossl_ecx_key_free(ECX_KEY *key);
/* Add one reference.  Returns 1 on success, 0 on failure (OpenSSL convention). */
int ossl_ecx_key_up_ref(ECX_KEY *key);
/*
 * Copy a key.  `selection` is presumably an OSSL_KEYMGMT_SELECT_* mask that
 * chooses which parts (public/private key) are copied.  Returns NULL on
 * failure.
 */
ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection);
/*
 * Derive the shared secret between priv's private key and peer's public key.
 * `keylen` is the key length for the curve and `outlen` the capacity of
 * `secret`, both supplied by the caller; *secretlen presumably receives the
 * number of bytes written.  Returns 1 on success, 0 on failure — callers must
 * check it and must not use `secret` after a failure.
 */
int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen,
                         unsigned char *secret, size_t *secretlen,
                         size_t outlen);
89 | ||
/*
 * Raw X25519 (RFC 7748).  The array dimensions in these parameters are not
 * enforced by the compiler (array parameters decay to pointers): every buffer
 * must be at least X25519_KEYLEN (32) bytes.
 *
 * ossl_x25519() returns 1 on success and 0 on failure; in OpenSSL's
 * implementation the failure case is presumably an all-zero shared secret,
 * which is what a small-order peer public value produces — confirm in the
 * implementing .c file, and never use out_shared_key when 0 is returned.
 */
int ossl_x25519(uint8_t out_shared_key[32], const uint8_t private_key[32],
                const uint8_t peer_public_value[32]);
/* Compute the public value for private_key; no failure is reported (void). */
void ossl_x25519_public_from_private(uint8_t out_public_value[32],
                                     const uint8_t private_key[32]);
94 | ||
/*
 * Raw Ed25519 (RFC 8032, "pure" variant: these prototypes carry no context
 * string and no prehash flag).  Array dimensions in the parameters are
 * documentation only; key buffers must hold ED25519_KEYLEN (32) bytes and
 * signature buffers ED25519_SIGSIZE (64) bytes.  libctx/propq are presumably
 * used to fetch the hash implementation.  All three return 1 on success and
 * 0 on failure; for verify, 0 also means "signature does not check"
 * (OpenSSL convention — confirm in the implementing .c file).
 */
int
ossl_ed25519_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[32],
                                 const uint8_t private_key[32],
                                 const char *propq);
/* out_sig is unsized in the prototype: it must have room for ED25519_SIGSIZE bytes. */
int
ossl_ed25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
                  const uint8_t public_key[32], const uint8_t private_key[32],
                  OSSL_LIB_CTX *libctx, const char *propq);
int
ossl_ed25519_verify(const uint8_t *message, size_t message_len,
                    const uint8_t signature[64], const uint8_t public_key[32],
                    OSSL_LIB_CTX *libctx, const char *propq);
107 | ||
/*
 * Raw Ed448 (RFC 8032).  Unlike the Ed25519 prototypes these take a context
 * string (context/context_len), because Ed448 signing and verification are
 * always domain-separated by a context (the empty context is allowed).
 * Array dimensions are documentation only: key buffers must hold
 * ED448_KEYLEN (57) bytes and signature buffers ED448_SIGSIZE (114) bytes;
 * out_sig is unsized in the prototype.  Return 1 on success, 0 on failure
 * (for verify, 0 also means the signature does not check) — OpenSSL
 * convention, confirm in the implementing .c file.
 */
int
ossl_ed448_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[57],
                               const uint8_t private_key[57], const char *propq);
int
ossl_ed448_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig, const uint8_t *message,
                size_t message_len, const uint8_t public_key[57],
                const uint8_t private_key[57], const uint8_t *context,
                size_t context_len, const char *propq);

int
ossl_ed448_verify(OSSL_LIB_CTX *ctx, const uint8_t *message, size_t message_len,
                  const uint8_t signature[114], const uint8_t public_key[57],
                  const uint8_t *context, size_t context_len, const char *propq);
121 | ||
/*
 * Raw X448 (RFC 7748).  Array dimensions are documentation only; every buffer
 * must be at least X448_KEYLEN (56) bytes.  ossl_x448() returns 1 on success
 * and 0 on failure (presumably an all-zero shared secret from a small-order
 * peer value — confirm in the implementing .c file); do not use
 * out_shared_key when it returns 0.
 */
int
ossl_x448(uint8_t out_shared_key[56], const uint8_t private_key[56],
          const uint8_t peer_public_value[56]);
/* Compute the public value for private_key; no failure is reported (void). */
void
ossl_x448_public_from_private(uint8_t out_public_value[56],
                              const uint8_t private_key[56]);
128 | ||
129 | ||
130 | /* Backend support */ | |
/*
 * Operation requested from ossl_ecx_key_op(): import a public key, import a
 * private key, or generate a fresh key pair.  Values are given explicitly.
 */
typedef enum {
    KEY_OP_PUBLIC  = 0,
    KEY_OP_PRIVATE = 1,
    KEY_OP_KEYGEN  = 2
} ecx_key_op_t;
136 | ||
/*
 * Build an ECX_KEY from encoded key material.  `p`/`plen` is the raw key bytes
 * (public or private according to `op`; presumably unused for KEY_OP_KEYGEN),
 * `palg` the algorithm identifier they came with and `pkey_id` the EVP_PKEY_*
 * type.  Returns NULL on failure.
 * NOTE(review): `plen` is a signed int.  Callers must never pass a negative
 * length, and the callee is expected to compare plen against the type's
 * *_KEYLEN before copying — confirm in the implementation, since this is the
 * entry point for externally supplied key encodings.
 */
ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg,
                         const unsigned char *p, int plen,
                         int pkey_id, ecx_key_op_t op,
                         OSSL_LIB_CTX *libctx, const char *propq);

/* Derive key->pubkey from key->privkey.  Returns 1 on success, 0 on failure. */
int ossl_ecx_public_from_private(ECX_KEY *key);
/*
 * Load key material into `ecx` from an OSSL_PARAM array; include_private
 * presumably selects whether the private-key parameter is imported as well.
 * Returns 1 on success, 0 on failure.
 */
int ossl_ecx_key_fromdata(ECX_KEY *ecx, const OSSL_PARAM params[],
                          int include_private);
/* Decode a PKCS#8 PrivateKeyInfo into a new key.  Returns NULL on failure. */
ECX_KEY *ossl_ecx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
                                 OSSL_LIB_CTX *libctx, const char *propq);

/*
 * Extract the ECX_KEY of the named type from an EVP_PKEY.  "get1" naming
 * convention: the returned key carries its own reference, which the caller
 * releases with ossl_ecx_key_free().  Presumably NULL when pkey is not a key
 * of that type or on failure.
 */
ECX_KEY *ossl_evp_pkey_get1_X25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_X448(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED448(EVP_PKEY *pkey);
152 | # endif /* OPENSSL_NO_EC */ | |
153 | #endif |